FingerID service recognized by major conference award

Published: 14 March 2011

A new service developed by a researcher at the University of Southampton which makes it possible for users to maintain multiple online accounts using a scan of their fingerprint as a password, has been recognized by a recent major conference award.

The new service, FingerID, has been developed by Sara Alotaibi, of ECS-Electronics and Computer Science at the University. Sara won Best Paper Presentation Award for her work at a recent IEEE World CIS (Congress on Internet Security) Conference 2011 in London, as recorded on WorldCIS’s Website: http://www.worldcis.org/Programme.html

“FingerID provides users with the facility to maintain multiple web accounts from a single source just using a fingerprint, and eliminates their concerns about having to remember multiple usernames and passwords,” said Ms Alotaibi.

In order to develop FingerID, Ms Alotaibi evaluated existing and proposed systems geared towards replacing the conventional form of authentication using a username and password on the Web, and found that not much work had been done in this field.
She went on to evaluate these systems against criteria such as security, accessibility and usability, as a result of which she generated a concept which could fundamentally alter the entire authentication mechanism, replacing memorised passwords with fingerprint data. This laid the foundation for FingerID - a service to maintain multiple web accounts with the user's fingerprint.

She also ran an online survey to assess the need for this service among users. She received responses from 191 participants and found that almost half of those who took part (44.75 per cent) had more than 14 accounts on the Web and that just over 30 per cent did not like to share their personal information online.

The FingerID system is programmed to request the user’s fingerprint scan for registration purposes. Following registration, the user can then gain access to multiple web accounts under one service. The registration process of the user will only take place once, and later scans will be used to verify the user to provide access to web accounts. The FingerID system is composed of two main parts: web site and software (browser).

Ms Alotaibi will go on to develop her approach further in her PhD (supervised by Dr David Argles and Dr Mike Wald in ECS) when she will look at using other aspects of authentication such as palm prints and face gestures.

An extended version of Ms Alotaibi’s paper will be published in the International Journal of Intelligent Computing Research (IJICR), Volume 2, Issue 1, ISSN: 2042 4655 (Online), http://www.infonomics-society.org/IJICR/